X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_lib.c;h=c59aa847e4a2e4436cc936af0561e1c98f49347a;hp=c244c3c27c8c07b0ffa58b536e4cb6a3de64cda0;hb=8af91fd9d08487e0dffb6ccac5f42633c964f3f0;hpb=564547e482406c2d4c56a59e288b3a479dac2d74 diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index c244c3c27c..c59aa847e4 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -741,7 +741,7 @@ int SSL_has_matching_session_id(const SSL *ssl, const unsigned char *id, { /* * A quick examination of SSL_SESSION_hash and SSL_SESSION_cmp shows how - * we can "construct" a session to give us the desired check - ie. to + * we can "construct" a session to give us the desired check - i.e. to * find if there's a session in the hash table that would conflict with * any new session built out of this id/id_len and the ssl_version in use * by this SSL. @@ -1015,9 +1015,10 @@ void SSL_free(SSL *s) #endif OPENSSL_free(s->ext.ocsp.resp); OPENSSL_free(s->ext.alpn); + OPENSSL_free(s->ext.tls13_cookie); OPENSSL_free(s->clienthello); - sk_X509_NAME_pop_free(s->client_CA, X509_NAME_free); + sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free); sk_X509_pop_free(s->verified_chain, X509_free); @@ -1320,7 +1321,7 @@ int SSL_has_pending(const SSL *s) * data. That data may not result in any application data, or we may fail * to parse the records for some reason. */ - if (SSL_pending(s)) + if (RECORD_LAYER_processed_read_pending(&s->rlayer)) return 1; return RECORD_LAYER_read_pending(&s->rlayer); @@ -1605,20 +1606,21 @@ int SSL_read_ex(SSL *s, void *buf, size_t num, size_t *readbytes) return ret; } -int SSL_read_early(SSL *s, void *buf, size_t num, size_t *readbytes) +int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) { int ret; if (!s->server) { - SSLerr(SSL_F_SSL_READ_EARLY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return SSL_READ_EARLY_ERROR; + SSLerr(SSL_F_SSL_READ_EARLY_DATA, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return SSL_READ_EARLY_DATA_ERROR; } switch (s->early_data_state) { case SSL_EARLY_DATA_NONE: if (!SSL_in_before(s)) { - SSLerr(SSL_F_SSL_READ_EARLY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return SSL_READ_EARLY_ERROR; + SSLerr(SSL_F_SSL_READ_EARLY_DATA, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return SSL_READ_EARLY_DATA_ERROR; } /* fall through */ @@ -1628,7 +1630,7 @@ int SSL_read_early(SSL *s, void *buf, size_t num, size_t *readbytes) if (ret <= 0) { /* NBIO or error */ s->early_data_state = SSL_EARLY_DATA_ACCEPT_RETRY; - return SSL_READ_EARLY_ERROR; + return SSL_READ_EARLY_DATA_ERROR; } /* fall through */ @@ -1637,39 +1639,28 @@ int SSL_read_early(SSL *s, void *buf, size_t num, size_t *readbytes) s->early_data_state = SSL_EARLY_DATA_READING; ret = SSL_read_ex(s, buf, num, readbytes); /* - * Record layer will call ssl_end_of_early_data_seen() if we see - * that alert - which updates the early_data_state to - * SSL_EARLY_DATA_FINISHED_READING + * State machine will update early_data_state to + * SSL_EARLY_DATA_FINISHED_READING if we get an EndOfEarlyData + * message */ if (ret > 0 || (ret <= 0 && s->early_data_state != SSL_EARLY_DATA_FINISHED_READING)) { s->early_data_state = SSL_EARLY_DATA_READ_RETRY; - return ret > 0 ? SSL_READ_EARLY_SUCCESS : SSL_READ_EARLY_ERROR; + return ret > 0 ? SSL_READ_EARLY_DATA_SUCCESS + : SSL_READ_EARLY_DATA_ERROR; } } else { s->early_data_state = SSL_EARLY_DATA_FINISHED_READING; } *readbytes = 0; - ossl_statem_set_in_init(s, 1); - return SSL_READ_EARLY_FINISH; + return SSL_READ_EARLY_DATA_FINISH; default: - SSLerr(SSL_F_SSL_READ_EARLY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return SSL_READ_EARLY_ERROR; + SSLerr(SSL_F_SSL_READ_EARLY_DATA, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + return SSL_READ_EARLY_DATA_ERROR; } } -int ssl_end_of_early_data_seen(SSL *s) -{ - if (s->early_data_state == SSL_EARLY_DATA_READING) { - s->early_data_state = SSL_EARLY_DATA_FINISHED_READING; - ossl_statem_finish_early_data(s); - return 1; - } - - return 0; -} - int SSL_get_early_data_status(const SSL *s) { return s->ext.early_data; @@ -1748,15 +1739,9 @@ int ssl_write_internal(SSL *s, const void *buf, size_t num, size_t *written) return -1; } - if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY) { - /* - * We're still writing early data. We need to stop that so we can write - * normal data - */ - if (!SSL_write_early_finish(s)) - return 0; - } else if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY - || s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY) { + if (s->early_data_state == SSL_EARLY_DATA_CONNECT_RETRY + || s->early_data_state == SSL_EARLY_DATA_ACCEPT_RETRY + || s->early_data_state == SSL_EARLY_DATA_READ_RETRY) { SSLerr(SSL_F_SSL_WRITE_INTERNAL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } @@ -1812,21 +1797,18 @@ int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written) return ret; } -int SSL_write_early(SSL *s, const void *buf, size_t num, size_t *written) +int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written) { - int ret; - - if (s->server) { - SSLerr(SSL_F_SSL_WRITE_EARLY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } + int ret, early_data_state; switch (s->early_data_state) { case SSL_EARLY_DATA_NONE: - if (!SSL_in_before(s) + if (s->server + || !SSL_in_before(s) || s->session == NULL || s->session->ext.max_early_data == 0) { - SSLerr(SSL_F_SSL_WRITE_EARLY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); + SSLerr(SSL_F_SSL_WRITE_EARLY_DATA, + ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } /* fall through */ @@ -1847,36 +1829,19 @@ int SSL_write_early(SSL *s, const void *buf, size_t num, size_t *written) s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY; return ret; - default: - SSLerr(SSL_F_SSL_WRITE_EARLY, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } -} - -int SSL_write_early_finish(SSL *s) -{ - int ret; - - if (s->early_data_state != SSL_EARLY_DATA_WRITE_RETRY) { - SSLerr(SSL_F_SSL_WRITE_EARLY_FINISH, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } + case SSL_EARLY_DATA_FINISHED_READING: + case SSL_EARLY_DATA_READ_RETRY: + early_data_state = s->early_data_state; + /* We are a server writing to an unauthenticated client */ + s->early_data_state = SSL_EARLY_DATA_UNAUTH_WRITING; + ret = SSL_write_ex(s, buf, num, written); + s->early_data_state = early_data_state; + return ret; - s->early_data_state = SSL_EARLY_DATA_WRITING; - ret = ssl3_send_alert(s, SSL3_AL_WARNING, SSL_AD_END_OF_EARLY_DATA); - if (ret <= 0) { - s->early_data_state = SSL_EARLY_DATA_WRITE_RETRY; + default: + SSLerr(SSL_F_SSL_WRITE_EARLY_DATA, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return 0; } - s->early_data_state = SSL_EARLY_DATA_FINISHED_WRITING; - /* - * We set the enc_write_ctx back to NULL because we may end up writing - * in cleartext again if we get a HelloRetryRequest from the server. - */ - EVP_CIPHER_CTX_free(s->enc_write_ctx); - s->enc_write_ctx = NULL; - ossl_statem_set_in_init(s, 1); - return 1; } int SSL_shutdown(SSL *s) @@ -2264,7 +2229,7 @@ STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s) ssl_set_client_disabled(s); for (i = 0; i < sk_SSL_CIPHER_num(ciphers); i++) { const SSL_CIPHER *c = sk_SSL_CIPHER_value(ciphers, i); - if (!ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED)) { + if (!ssl_cipher_disabled(s, c, SSL_SECOP_CIPHER_SUPPORTED, 0)) { if (!sk) sk = sk_SSL_CIPHER_new_null(); if (!sk) @@ -2583,8 +2548,8 @@ void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx, } /* - * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from - * |ssl|. On return it sets |*data| to point to |*len| bytes of protocol name + * SSL_get0_alpn_selected gets the selected ALPN protocol (if any) from |ssl|. + * On return it sets |*data| to point to |*len| bytes of protocol name * (not including the leading length-prefix byte). If the server didn't * respond with a negotiated protocol then |*len| will be zero. */ @@ -2727,7 +2692,7 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) goto err2; } - if ((ret->client_CA = sk_X509_NAME_new_null()) == NULL) + if ((ret->ca_names = sk_X509_NAME_new_null()) == NULL) goto err; if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_CTX, ret, &ret->ex_data)) @@ -2849,7 +2814,7 @@ void SSL_CTX_free(SSL_CTX *a) sk_SSL_CIPHER_free(a->cipher_list); sk_SSL_CIPHER_free(a->cipher_list_by_id); ssl_cert_free(a->cert); - sk_X509_NAME_pop_free(a->client_CA, X509_NAME_free); + sk_X509_NAME_pop_free(a->ca_names, X509_NAME_free); sk_X509_pop_free(a->extra_certs, X509_free); a->comp_methods = NULL; #ifndef OPENSSL_NO_SRTP @@ -3184,10 +3149,7 @@ int SSL_get_error(const SSL *s, int i) } if (SSL_want_write(s)) { - /* - * Access wbio directly - in order to use the buffered bio if - * present - */ + /* Access wbio directly - in order to use the buffered bio if present */ bio = s->wbio; if (BIO_should_write(bio)) return (SSL_ERROR_WANT_WRITE); @@ -3242,15 +3204,7 @@ int SSL_do_handshake(SSL *s) return -1; } - if (s->early_data_state != SSL_EARLY_DATA_NONE - && s->early_data_state != SSL_EARLY_DATA_FINISHED_WRITING - && s->early_data_state != SSL_EARLY_DATA_FINISHED_READING - && s->early_data_state != SSL_EARLY_DATA_ACCEPTING - && s->early_data_state != SSL_EARLY_DATA_CONNECTING) { - SSLerr(SSL_F_SSL_WRITE_INTERNAL, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); - return 0; - } - + ossl_statem_check_finish_init(s, -1); s->method->ssl_renegotiate_check(s, 0); @@ -3456,10 +3410,10 @@ SSL *SSL_dup(SSL *s) goto err; /* Dup the client_CA list */ - if (s->client_CA != NULL) { - if ((sk = sk_X509_NAME_dup(s->client_CA)) == NULL) + if (s->ca_names != NULL) { + if ((sk = sk_X509_NAME_dup(s->ca_names)) == NULL) goto err; - ret->client_CA = sk; + ret->ca_names = sk; for (i = 0; i < sk_X509_NAME_num(sk); i++) { xn = sk_X509_NAME_value(sk, i); if (sk_X509_NAME_set(sk, i, X509_NAME_dup(xn)) == NULL) { @@ -3938,7 +3892,7 @@ void SSL_set_not_resumable_session_callback(SSL *ssl, /* * Allocates new EVP_MD_CTX and sets pointer to it into given pointer * variable, freeing EVP_MD_CTX previously stored in that variable, if any. - * If EVP_MD pointer is passed, initializes ctx with this md. + * If EVP_MD pointer is passed, initializes ctx with this |md|. * Returns the newly allocated ctx; */ @@ -4407,7 +4361,8 @@ int ssl_validate_ct(SSL *s) CT_POLICY_EVAL_CTX_set1_cert(ctx, cert); CT_POLICY_EVAL_CTX_set1_issuer(ctx, issuer); CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(ctx, s->ctx->ctlog_store); - CT_POLICY_EVAL_CTX_set_time(ctx, SSL_SESSION_get_time(SSL_get0_session(s))); + CT_POLICY_EVAL_CTX_set_time( + ctx, (uint64_t)SSL_SESSION_get_time(SSL_get0_session(s)) * 1000); scts = SSL_get0_peer_scts(s); @@ -4857,7 +4812,7 @@ int SSL_set_max_early_data(SSL *s, uint32_t max_early_data) return 1; } -uint32_t SSL_get_max_early_data(const SSL_CTX *s) +uint32_t SSL_get_max_early_data(const SSL *s) { return s->max_early_data; }